Interface AccessTokenServiceInternal
- All Known Implementing Classes:
AccessTokenServiceInternalImpl
public interface AccessTokenServiceInternal
Defines all operations related to access and refresh tokens
- Since:
- 4.0
- Author:
- joseross
-
Method Summary
Modifier and TypeMethodDescriptioncreateAccessToken(String label, Instant expiresOn) Creates a new access token for the current usercreateTokens(org.springframework.security.core.Authentication auth, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) Creates the access & refresh tokens for the given authenticationvoiddeleteAccessToken(long id) Deletes an access token for the current uservoidDeletes all expired refresh tokensvoiddeletePreviewCookie(jakarta.servlet.http.HttpServletResponse response) Deletes the preview cookievoiddeleteRefreshToken(long userId) Deletes the refresh token for the given uservoiddeleteUsersTokens(List<Long> userIds) Deletes all the tokens for the given usersGet all existing access tokens for the current usergetUsername(String token) Returns the username for the given access tokenbooleanhasValidRefreshToken(org.springframework.security.core.Authentication auth, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) Checks if the given request contains a valid refresh tokenvoidrefreshPreviewCookie(org.springframework.security.core.Authentication authentication, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, boolean silent) Refresh the preview site cookie.updateAccessToken(long id, boolean enabled) Updates an access token for the current uservoidupdateRefreshToken(org.springframework.security.core.Authentication auth, jakarta.servlet.http.HttpServletResponse response) Updates the refresh token for the given responsevoidupdateUserActivity(org.springframework.security.core.Authentication authentication) Updates the user activity record to extend the timeout
-
Method Details
-
hasValidRefreshToken
boolean hasValidRefreshToken(org.springframework.security.core.Authentication auth, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) Checks if the given request contains a valid refresh token- Parameters:
auth- the current authenticationrequest- the request to checkresponse- the response- Returns:
- true if the request contains a valid refresh token
-
updateRefreshToken
void updateRefreshToken(org.springframework.security.core.Authentication auth, jakarta.servlet.http.HttpServletResponse response) Updates the refresh token for the given response- Parameters:
auth- the current authenticationresponse- the response
-
createTokens
AccessToken createTokens(org.springframework.security.core.Authentication auth, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws ServiceLayerException Creates the access & refresh tokens for the given authentication- Parameters:
auth- the current authenticationrequest- the requestresponse- the response- Returns:
- the access token
- Throws:
ServiceLayerException- if there is any error creating the access token
-
deleteRefreshToken
void deleteRefreshToken(long userId) Deletes the refresh token for the given user- Parameters:
userId- the id of the user
-
deleteExpiredRefreshTokens
void deleteExpiredRefreshTokens()Deletes all expired refresh tokens -
createAccessToken
PersistentAccessToken createAccessToken(String label, Instant expiresOn) throws ServiceLayerException Creates a new access token for the current user- Parameters:
label- the label of the access tokenexpiresOn- the date of expiration of the access token- Returns:
- the access token
- Throws:
ServiceLayerException- if there is any error creating the access token
-
getAccessTokens
List<PersistentAccessToken> getAccessTokens()Get all existing access tokens for the current user- Returns:
- the list of access tokens
-
updateAccessToken
Updates an access token for the current user- Parameters:
id- the id of the access tokenenabled- indicates if the token is enabled or not- Returns:
- the updated access token
-
deleteAccessToken
void deleteAccessToken(long id) Deletes an access token for the current user- Parameters:
id- the id of the access token
-
deleteUsersTokens
Deletes all the tokens for the given users- Parameters:
userIds- the user ids list
-
getUsername
Returns the username for the given access token- Parameters:
token- the access token- Returns:
- the username, null if the access token is invalid
-
updateUserActivity
void updateUserActivity(org.springframework.security.core.Authentication authentication) Updates the user activity record to extend the timeout- Parameters:
authentication- the current authentication
-
refreshPreviewCookie
void refreshPreviewCookie(org.springframework.security.core.Authentication authentication, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, boolean silent) throws ServiceLayerException Refresh the preview site cookie. This method will either update the cookie (or create it) with the current preview site if the user has access to it, or remove it if they do not.- Parameters:
authentication- the current authenticationrequest- the requestresponse- the responsesilent- if false, the method will throw an exception if the user does not have access to the preview site- Throws:
ServiceLayerException
-
deletePreviewCookie
void deletePreviewCookie(jakarta.servlet.http.HttpServletResponse response) Deletes the preview cookie- Parameters:
response- the response
-